Vendor Security Updates for DigiNotar Certificates

Microsoft Security Advisory 2607712 has been updated to revoke the trust of the DigiNotar root certificates by placing them into the Microsoft Untrusted Certificate Store.The update is available via Automatic Update and applies to all supported releases of Microsoft Windows, including Windows XP, Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2.Copied below are the known issues from Microsoft KB Article 2607712, Microsoft Security Advisory: Fraudulent digital certificates could allow spoofing for this update.

Quote

Known issues A restart is required for all editions of Windows XP and of Windows Server 2003. A restart is not required for all editions of Windows Vista, of Windows 7, of Windows Server 2008, and of Windows Server 2008 R2. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart. At the explicit request of the Dutch government, the release of this update on Windows Update will be delayed for the Netherlands. This update will become available to the Netherlands on Windows Update and on all Automatic Update channels at a later date. Customers who want to manually install this update should click the appropriate platform download in the "Download information" section. On the next page, users will be able to select the language to install and can continue with the download and the installation.

i've read a bunch of articles, but still do not understand what happened.Did someone get certs for sites that they did not actually own ? How would that actually hurt?

Of all tyrannies, a tyranny sincerely exercised for the good of its victims may be the most oppressive. It would be better to live under robber barons than under omnipotent moral busybodies. The robber baron's cruelty may sometimes sleep, his cupidity may at some point be satiated; but those who torment us for our own good will torment us without end for they do so with the approval of their own conscience. ~C. S. Lewis

Hello,DigiNotar, a company which issues digital certificates used to establish cryptographically-secure connections to web sites, was hacked, and over 500 certificates were acquired for high-profile web sites. Amongst other things, this would allow someone* to monitor what would otherwise be secure, private connections to those sites. Passwords, emails, personally-identifiable information and other sensitive data could be viewed by someone* who would otherwise not be able to see that information.Regards,Aryeh Goretsky*Such as a government, ISP, or government-owned ISP.

The delay in disclosing a theft of the digital certificates for some of the Web's biggest sites, including Google, Skype, Microsoft and Yahoo, put Iranian activists' lives at risk, a researcher argued Wednesday.

What’s worse than finding a worm in your apple? Finding half a worm.What’s worse than discovering that someone has launched a man-in-the-middle attack against Iranian Google users, silently intercepting everything from email to search results and possibly putting Iranian activists in danger? Discovering that this attack has been active for two months.People all over the world use Google services for sensitive or private communications every day. Google enables encrypted connections to these services in order to protect users from spying by those who control the network, such as ISPs and governments. Today, the security of this encryption relies entirely on certificates issued by certificate authorities (CAs), which continue to prove vulnerable to attack. When an attacker obtains a fraudulent certificate, he can use it to eavesdrop on the traffic between a user and a website even while the user believes that the connection is secure.The certificate authority system was created decades ago in an era when the biggest on-line security concern was thought to be protecting users from having their credit card numbers intercepted by petty criminals. Today Internet users rely on this system to protect their privacy against nation-states. We doubt it can bear this burden.This latest attack was reportedly caught by a user running the Google Chrome browser in Iran who noticed a warning produced by the “public key pinning” feature which Google introduced in May of this year. Basically, Google hard-coded the fingerprints for its own sites’ encryption keys into Chrome, and told the browser to simply ignore contrary information from certificate authorities. That meant that even if an attacker got a hold of a fake certificate for a Google site—as this attacker did—newer versions of the Chrome browser would not be fooled.Certificate authorities have been caught issuing fraudulent certificates in at least half a dozen high-profile cases in the past two years and EFF has voiced concerns that the problem may be even more widespread. But this is the first time that a fake certificate is known to have been successfully used in the wild. Even worse, the certificate in this attack was issued on July 10th 2011, almost two months ago, and may well have been used to spy on an unknown number of Internet users in Iran from the moment of its issuance until it was revoked earlier today. To be effective, fraudulent certificates do not need to have been issued by the same authority that issued the legitimate certificates. For example, the certificate in question here was issued by a Dutch certificate authority with which Google had no business relationship at all; that didn't make it any less acceptable to web browsers.

This problem is not only related to issues of privacy related to people who's lives would be in danger, but also, victims of malware purveyors as well.Cryptographic keys for SSL sites are only as good as the honesty of the holder and issuer of those keys, as well as the honesty and security diligence of the issuer, in this case DigiNotar.They would like us to think that SSL is extremely safe, but it's not as safe as those who issue them would like us to believe either. Anyone with money can purchase a SSL certificate, and there have been malware purveyors that have also bought them so folks would 'feel' secure. If you see the lock, you think, "Safe". That's what they want you to think.However, just like anyone can purchase what is considered a 'legitimate' SSL certificate, good, bad or indifferent, there are worse things.'Legitimate' SSL certificates can be created by site owners as well, good, bad, or indifferent.The companies that sell SSL certificates and browser makers put out root certificates for their browers and show green or gold with the lock for those obtained by big name sellers of these certificates. So if you are legitimate site owner who creates their own to save money, you are automatically assumed to be 'not legitimate' by browsers and it shows as red/dangerous to users.I don't see what the solution is, but it really doesn't matter whether you make your own, or if you buy one, you are still playing craps with SSL certificates in many ways these days.

On Tuesday, Appelbaum published his analysis on the Tor Project's blog. Tor is a system that lets people connect to the Web anonymously, and is often used in countries where governments monitor their citizens' online activities.

Comodo has issued a statement confirming everything that I've said and more. They believe that this was a targeted attack by a state level actor and they have named Iran as the country they suspect. Mozilla has now opened the bug reports about the issue to the public. Microsoft has now disclosed their report as well.In the details of their statement we have a confirmation that they have the ability to monitor and thus surveille people who wish to know if certificates are valid.Comodo also clearly demonstrate a mis-understanding - they believe that checks for revocation are proof positive that certificates are being used. They need to read and understand why this is not true.

There is a first time for many things. Sometimes this is positive, but other times it is unfortunate. This time, we're dealing with one of the latter variety.Today, we have updated the Opera Rootstore and disabled the DigiNotar Root (Note: DigiNotar is not in any way associated with DigiCert, which is another CA).The reason for this action is due to last week's news about the large scale attack on DigiNotar's CA systems and the subsequent discoveries about what has happened after the attack.This is the first step in our handling of this incident. We are currently testing further updates that will add the DigiNotar Root to our "Untrusted" repository.That a CA gets attacked and even tricked into issuing certificates that turn out to be fraudulent is not, by itself, a reason to revoke trust in a Root CA. CAs are high profile targets for criminals given the role CAs have in the online security framework; it is how the CA responds to such events that determine how much we can trust it.

Update 2: After a conversation with Seth Bromberger we have some new details. First, the reason you're unable to replicate this issue is that DigiNotar appears to have re-issued certificates. You can see Seth's screencast showing the issue here (you may need to go fullscreen to see the text). Further, DigiNotar appears to have chained their certificates to the Dutch government, we're not sure why.But there's a larger problem here, and that involves how Keychain and Safari work to try and protect you from unsafe sites -- those signed by bad authorities. Essentially, the way this works in every other browser is that, if you take any certificate in Keychain and say "Never Trust" you will get a warning when visiting a site signed with that CA. In Safari, this doesn't happen. Instead, you must delete the certificate entirely. We're not sure why this is so, but Apple has apparently known about this for a while and done nothing to change what would seem like an obvious method for protecting users.We're working on this story, stay tuned for a separate post. - Victor

What a mess and I wonder if these issues will come up with other OSes/browers as well if the DigiNator has linked their certs with the Dutch government?! Or is this an Apple only issue that apparently Apple has been aware of and not fixed?!More in the article.

I think I'm still confused.To me it seems it is not a hack, but a "man-in-the-middle" interception, or more likely a "government-in-the-middle" interception.The DigiNotor was tricked into giving a CERT to maybeIran for https://abc.wwwthe maybeIran setup a DNS so that all traffic that was destined for https://abc.www first went to https://middle.yyy where the data stream was stored and then sent on to the real https://abc.wwwIs this correct? if so, it seems more like DNS poisoning than a hack.

Of all tyrannies, a tyranny sincerely exercised for the good of its victims may be the most oppressive. It would be better to live under robber barons than under omnipotent moral busybodies. The robber baron's cruelty may sometimes sleep, his cupidity may at some point be satiated; but those who torment us for our own good will torment us without end for they do so with the approval of their own conscience. ~C. S. Lewis

Exactly! They couldn't have done a man in the middle very easily with that first step for something like this for sure.Wow, DigiNotar breach affected 531 Certificates. I hadn't know exactly how many till now... and now GlobalSign too. How many others? And could it be part of the reason for some of these malware attacks that seem to come out of nowhere? Where folks really can't finger when they got hit. Most times they remember when something went a bit screwy, but have had a few recently where they really couldn't tell and they were bad infections too. I am talking root kits, backdoors, etc. that are not your normal malware trojans.

Because Safari relies on the underlying operating system to tell it which certificates have been revoked or banned entirely, Apple must update Mac OS X. The Windows edition of Safari, which has a negligible share of the browser market, taps Windows' certificate list: That version is safe to use once Microsoft's Tuesday patch is applied.

There is still a relatively simple fix to the problem until Apple issues a patch to Mac OS X, however. Using Keychain Access, users can simply delete any DigiNotar certs from the Keychain instead of marking them "untrusted." Since the authority has already revoked all the fraudulent certs, they will no longer validate when Safari or other Mac OS X programs encounter them again.UPDATE: Sleevi contacted Ars to let us know that deleting the DigiNotar root certificate is actually not enough to be completely protected from the hacked certs. "In order to fully work around the issue that exists in OS X, it's necessary to both remove the root cert and make a series of modifications via command-line to the system trust store," Sleevi said. He recommends following the instructions posted at $ps|Enable to fully protect your system.

Steps to revoke the trust from the Mac OS X keychain.These instructions in PDF form for printing or download here. Download a package that will delete the DigiNotar Root CA certificates and will revoke the trust on the two root certificates and the four DigiNotar intermediate certificates. The package is now at version 2.1. Please use this version instead of versions 1.0 and 2.0. Update (7-Sep-2011 12:12 PM EDT): News reports state that the GlobalSign CA may also have been compromised. I will be tracking this as well and updating tools and notes as I find out information. Update (7-Sep-2011 1:26 AM EDT): Installer package updated to delete the two bad root certificates and mark the two root certificates and four intermediate certificates as untrusted. Step-by-step instructions on HTML page and PDF updated. Text, info, and links updated with info on number of compromised certs. Update (6-Sep-2011 11:10 PM EDT): It's been a long day for me doing business-type work that pays the bills, but it turns out that you actually need to mark the DigiNotar root certificates as untrusted as well as deleting them from the SystemRootCertificates.keychain. I will be updating the instructions and package later tonight. Fortunately, the package is built so that adding the two root certificates to the list of certs to be marked as untrusted is very easy. My thanks to Ryan Sleevi for assistance and insights.

bold emphasis mineSo basically I have disabled it and now deleting it.

A second company that provides digital certificates used to authenticate Web sites won't be issuing them while it investigates whether it has been compromised as a hacker has claimed.A hacker who goes by the alias "Ich Sun" has taken responsibility for a recent breach at Dutch certificate authority DigiNotar that resulted in more than 500 SSL (Secure Sockets Layer) certificates being fraudulently issued, including one that was used to spoof Google.com.The self-proclaimed Iranian patriot, who was behind a hack on certificate authority Comodo this spring, says he has hacked four or more certificate authorities, including GlobalSign.

Apple today released an update to Mac OS X that blocks Safari users from reaching sites secured with certificates stolen from a Dutch company last summer.The update follows others by Microsoft, Google, Mozilla and Opera Software, which have already blocked or permanently barred the use of all certificates issued by DigiNotar, a certificate authority, or CA, that acknowledged its servers were breached and unauthorized SSL (secure socket layer) certificates obtained by one or more attackers.Apple's update came just days after a security researcher criticized the company for "dragging its feet." In March, Apple took a month to block nine certificates stolen from U.S.-based Comodo, three weeks longer than Microsoft.

Since this topic evolved into information about multiple products, the title has been updated.